From 39b77569587b46ba4a3156392add96f0db4d48fb Mon Sep 17 00:00:00 2001
From: averbukh
Date: Wed, 15 Dec 2021 18:26:44 +0100
Subject: [PATCH] Rewording, fix typos
---
 cloud-operations/README.md | 4 ++--
 cloud-operations/onprem-sa-key-management/README.md | 4 ++--
 modules/iam-service-account/main.tf | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/cloud-operations/README.md b/cloud-operations/README.md
index fb8fe9e90..1a491e94f 100644
--- a/cloud-operations/README.md
+++ b/cloud-operations/README.md
@@ -49,6 +49,6 @@ The example's feed tracks changes to Google Compute instances, and the Cloud Fun
 ## On-prem Service Account key management
-This [example](./onprem-sa-key-management) shows how to manage IAM Service Account Keys by generating a key pair and uploading the public part of the key to GCP.
-
+This [example](./onprem-sa-key-management) shows how to manage IAM Service Account Keys by manually generating a key pair and uploading the public part of the key to GCP.
+s
\ No newline at end of file
diff --git a/cloud-operations/onprem-sa-key-management/README.md b/cloud-operations/onprem-sa-key-management/README.md
index c16c56db6..1d8d8f873 100644
--- a/cloud-operations/onprem-sa-key-management/README.md
+++ b/cloud-operations/onprem-sa-key-management/README.md
@@ -2,10 +2,10 @@
 When managing GCP Service Accounts with terraform, it's often a question on **how to avoid Service Account Key in the terraform state?**
-This example shows how to manage IAM Service Account Keys by generating a key pair and uploading the public part of the key to GCP, it has the following benefits:
+This example shows how to manage IAM Service Account Keys by manually generating a key pair and uploading the public part of the key to GCP. It has the following benefits:
 - no [passing keys between users](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys#pass-between-users) or systems
- - no SA key stored in the terraform state (only public part of the key in the state)
+ - no private keys stored in the terraform state (only public part of the key is in the state)
 - let keys [expire automatically](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys#key-expiryhaving)
diff --git a/modules/iam-service-account/main.tf b/modules/iam-service-account/main.tf
index dc0ee3b45..719559081 100644
--- a/modules/iam-service-account/main.tf
+++ b/modules/iam-service-account/main.tf
@@ -71,7 +71,7 @@ locals {
 type : "service_account",
 project_id : var.project_id,
 private_key_id : split("/", google_service_account_key.upload_key[file].id)[5]
- private_key : "REPLASE_ME_WITH_PRIVATE_KEY_DATA"
+ private_key : "REPLACE_ME_WITH_PRIVATE_KEY_DATA"
 client_email : local.resource_email_static
 client_id : local.service_account.unique_id,
 auth_uri : "https://accounts.google.com/o/oauth2/auth",
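Review bot: The `private_key` placeholder in this `locals` object acts as an interface, since whoever assembles the credentials file has to swap that exact token for the locally held private key; the rename from `REPLASE_…` to `REPLACE_…` should therefore be checked against any README snippet or script outside this hunk that still matches the old spelling, because a file left with an unreplaced placeholder would not be usable as a credential. A short comment above the line would make the intent explicit, e.g. `# placeholder only: the private key is generated outside Terraform and never enters state`. Separately, `split("/", …id)[5]` on the line above depends on the key id sitting at a fixed position in the resource id, so a comment stating the expected format would help, e.g. `# id presumably looks like projects/<project>/serviceAccounts/<email>/keys/<key_id>; confirm`. The `locals` block starts and ends outside the hunk.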